Urgent Requirement - Security Analyst
Working Location - Andheri
CTC - max 25 LPA
Experience required - 5 - 10 yrs
Working Days - 5 days
Designation - Manager
Purpose of the Job:
- To keep up to date with security trends, threats and control measures.
- To assist in technical vulnerability assessments of IT systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and follow-up for closure.
- He should monitor activities as per security plan for all the locations and assist in internal audit. Interact with all stakeholders to ensure the closure.
- Conduct Risk Assessment with help of IT Security Manager
- Assist in standardization of Inventory of authorized and unauthorized devices - That can include specific lists of device models that are allowed or banned, or lists of criteria devices must meet before they're allowed on the network.
- Assist in standardization of Inventory of authorized and unauthorized software - Likewise, organizations should know what software is allowed on their systems and have a way to monitor for applications that aren't allowed.
- Secure configurations for hardware and software - Ensure and random check of all devices, including PCs, laptops, mobile devices and servers, be properly configured as per hardening guidelines to prevent cyber attacks.
- Ensure Secure configurations for network devices - Likewise, Ensure and random check of routers, firewalls, switches and other networking devices be properly configured to protect against cyber attacks.
- Continuous vulnerability assessment and remediation - he should conduct the automated vulnerability testing to scan for security holes on at least quarterly basis. Follow-up to ensure closure and report to Security Head.
- Defenses against malware - Ensure all infrastructure devices have protection against malware.
- Secure web applications - Ensure security controls are present in applications.
- Whitelisting of Software
- Secure wired/ wireless devices - Monitor traffic on wired/ wireless networks and assist network admins to implement enterprise-level security controls to protect access points, as well as create awareness to ensure safe internet/ Wi-Fi use among employees.
- Data recovery- Random check of backup and restoration testing related controls.
- Monitor and ensure information security awareness training done for all employees and contracted employees.
- Control of ports and services - Check and ensure default ports and services are blocked or alternative controls are implemented.
- Controlled administrative privileges - Random check of administrative privileges
- Facilitate user access review and monitor ISMS metrics
- Boundary defenses - Research and suggest admins in blacklisting mail id and ip addresses.
- Assist in security solution implementation
- Monitoring and analysis of audit logs
- Assist in implementing controls against data loss
- Random check of implemented controls mentioned in information security policy and accompanying standards, procedures and guidance
- To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
- Respond to enquiries from staff and provide security advice as required
- Work with internal stakeholders to develop relationships to help promote and improve information security
Didn’t find the job appropriate? Report this Job